This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated vixie-cron package that fixes a bug and security issue is
This update has been rated as having low security impact by the Red
Hat Security Response Team.
The vixie-cron package contains the Vixie version of cron. Cron is a
standard UNIX daemon that runs specified programs at scheduled times.
A bug was found in the way vixie-cron installs new crontab files. It
is possible for a local attacker to execute the crontab command in
such a way that they can view the contents of another user's crontab
file. The Common Vulnerabilities and Exposures project assigned the
name CVE-2005-1038 to this issue.
This update also fixes an issue where cron jobs could start before
their scheduled time.
All users of vixie-cron should upgrade to this updated package, which
contains backported patches and is not vulnerable to these issues.
See also :
Update the affected vixie-cron package.
Risk factor :
Low / CVSS Base Score : 2.1
CVSS Temporal Score : 1.8
Public Exploit Available : true
Family: Red Hat Local Security Checks
Nessus Plugin ID: 21088 ()
Bugtraq ID: 13024
CVE ID: CVE-2005-1038
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.